漏洞类别：Local 漏洞等级： 漏洞信息 Google Chrome is a web browser for multiple platforms developed by Google. This Google Chrome update fixes the following vulnerabilities: A heap corruption error may occur in FFmpeg [CVE-2016-5199]. An out-of-bounds memory access error ma…

漏洞类别：Local 漏洞等级： 漏洞信息 Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android. Multiple vulnerabilities were reported in Mozilla Firefox. A heap overflow may occur in Cairo in the processing of SV…

漏洞类别：Local 漏洞等级： 漏洞信息 The colorscore Ruby Gem finds the dominant colors in an image and scores them against a user-defined palette, using the CIE2000 Delta E formula. The contents of the `image_path`, `colors`, and `depth` variables generated from possibly use…

漏洞类别：Local 漏洞等级： 漏洞信息 Oracle's PeopleSoft applications are designed to address the most complex business requirements. Multiple vulnerabilities were reported in Oracle PeopleSoft Products. - Vulnerability in the PeopleSoft Enterprise PeopleTools component of O…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local …

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 A heap-buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler to crash or, potentially, execute arbitrary code when opened. 漏洞危害 Allows unautho…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. 漏…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 The implementation of ORDER BY and GROUP BY in Zend_Db_Select was discovered to be vulnerable to SQL injection. 漏洞危害 Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service. 解决方…

漏洞类别：CGI 漏洞等级： 漏洞信息 Moodle (Modular Object-Oriented Dynamic Learning Environment) is a free e-learning software platform, also known as a Learning Management System, or Virtual Learning Environment. Moodle 2.9.x has been detected on the host. Support for Moodl…

漏洞类别：CGI 漏洞等级： 漏洞信息 Moodle (Modular Object-Oriented Dynamic Learning Environment) is a free e-learning software platform, also known as a Learning Management System, or Virtual Learning Environment. Moodle 2.9.x has been detected on the host. Support for Moodl…

漏洞类别：CGI 漏洞等级： 漏洞信息 Moodle (Modular Object-Oriented Dynamic Learning Environment) is a free e-learning software platform, also known as a Learning Management System, or Virtual Learning Environment. Moodle 2.8.x has been detected on the host. Support for Moodl…

漏洞类别：CGI 漏洞等级： 漏洞信息 Moodle (Modular Object-Oriented Dynamic Learning Environment) is a free e-learning software platform, also known as a Learning Management System, or Virtual Learning Environment. Moodle 2.6.x has been detected on the host. Support for Moodl…

漏洞类别：CGI 漏洞等级： 漏洞信息 Moodle (Modular Object-Oriented Dynamic Learning Environment) is a free e-learning software platform, also known as a Learning Management System, or Virtual Learning Environment. Moodle 2.5.x has been detected on the host. Support for Moodl…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fix(es): * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A speci…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for mysql to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain complet…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for flash-player to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious u…

漏洞类别：Local 漏洞等级： 漏洞信息 VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems. The drag-and-drop (DnD) function in VMware Workstation and Fusion has an out-of-bounds memory access vulnerability. This may allow…

漏洞类别：Local 漏洞等级： 漏洞信息 McAfee ePolicy Orchestrator (ePO) software centralizes and streamlines management of endpoint, network, content security and compliance solutions. The vulnerability exists because ePolicy Orchestrator (ePO) is packaged with Apache Commons…

漏洞类别：Local 漏洞等级： 漏洞信息 InduSoft Web Studio is a collection of automation tools that provide automation building blocks to develop HMIs, SCADA systems and embedded instrumentation solutions. InduSoft may also be integrated as a third-party application in control…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that QEMU incorrectly handled the Virtio module. It was discovered that QEMU incorrectly handled VMWARE VMXNET3 network card emulation support. It was discovered that QEMU incorrectly handled VMWARE VMXNET3 network card…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. 漏洞危害 A local attacker could use this to cause a denial of service (system crash). 解…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. 漏洞危害 A local attacker could use this to cause a denial of service (system crash). 解…

漏洞类别：Ubuntu 洞等级： 漏洞信息 It was discovered that the compression handling code in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel did not properly check for an integer overflow. It was discovered that memory manager in the Linux kernel d…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A use-after-free vulnerability during error processing in the recvmmsg(2) implement…